FreshRSS

Vulnerabilities (before yesterday)

Gentoo Linux Security Advisory 202208-08

Gentoo Linux Security Advisory 202208-8 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code. Versions less than 91.12.0:esr are affected.
  • August 10th 2022 at 15:52

Gentoo Linux Security Advisory 202208-09

Gentoo Linux Security Advisory 202208-9 - Multiple vulnerabilities have been discovered in HashiCorp Consul, the worst of which could result in denial of service. Versions less than 1.9.17 are affected.
  • August 10th 2022 at 15:52

Red Hat Security Advisory 2022-5997-01

Red Hat Security Advisory 2022-5997-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. The ceph-ansible package provides Ansible playbooks for installing, maintaining, and upgrading Red Hat Ceph Storage. Perf Tools is a collection of performance analysis tools, including a high-performance multi-threaded malloc() implementation that works particularly well with threads and STL, a thread-friendly heap-checker, a heap profiler, and a cpu-profiler.
  • August 10th 2022 at 15:52

Gentoo Linux Security Advisory 202208-07

Gentoo Linux Security Advisory 202208-7 - A buffer overread in LibRaw might allow an attacker to cause denial of service. Versions less than 0.20.2 are affected.
  • August 10th 2022 at 15:52

Gentoo Linux Security Advisory 202208-13

Gentoo Linux Security Advisory 202208-13 - A vulnerability in libass could result in denial of service. Versions less than 0.15.1 are affected.
  • August 10th 2022 at 15:52

Ubuntu Security Notice USN-5557-1

Ubuntu Security Notice 5557-1 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.
  • August 10th 2022 at 15:51

Red Hat Security Advisory 2022-6002-01

Red Hat Security Advisory 2022-6002-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include information leakage and use-after-free vulnerabilities.
  • August 10th 2022 at 15:51

Red Hat Security Advisory 2022-5937-01

Red Hat Security Advisory 2022-5937-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.
  • August 10th 2022 at 15:50

Red Hat Security Advisory 2022-6024-01

Red Hat Security Advisory 2022-6024-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. This new container image is based on Red Hat Ceph Storage 5.2 and Red Hat Enterprise Linux 8.6 and Red Hat Enterprise Linux 9. Issues addressed include a traversal vulnerability.
  • August 10th 2022 at 15:50

Ubuntu Security Notice USN-5555-1

Ubuntu Security Notice 5555-1 - It was discovered that GStreamer Good Plugins incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. It was discovered that GStreamer Good Plugins incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.
  • August 9th 2022 at 14:41

Red Hat Security Advisory 2022-5942-01

Red Hat Security Advisory 2022-5942-01 - Vim is an updated and improved version of the vi editor. Issues addressed include buffer over-read and out of bounds write vulnerabilities.
  • August 9th 2022 at 14:37

Red Hat Security Advisory 2022-5924-01

Red Hat Security Advisory 2022-5924-01 - Service Telemetry Framework provides automated collection of measurements and data from remote clients, such as Red Hat OpenStack Platform or third-party nodes. STF then transmits the information to a centralized, receiving Red Hat OpenShift Container Platform deployment for storage, retrieval, and monitoring.
  • August 9th 2022 at 14:36

Red Hat Security Advisory 2022-5934-01

Red Hat Security Advisory 2022-5934-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
  • August 9th 2022 at 14:32

Red Hat Security Advisory 2022-5875-01

Red Hat Security Advisory 2022-5875-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.26.
  • August 9th 2022 at 14:30

Red Hat Security Advisory 2022-5928-01

Red Hat Security Advisory 2022-5928-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.5, and includes bug fixes and enhancements. Issues addressed include a deserialization vulnerability.
  • August 9th 2022 at 14:29

Red Hat Security Advisory 2022-5923-01

Red Hat Security Advisory 2022-5923-01 - Service Telemetry Framework provides automated collection of measurements and data from remote clients, such as Red Hat OpenStack Platform or third-party nodes. STF then transmits the information to a centralized, receiving Red Hat OpenShift Container Platform deployment for storage, retrieval, and monitoring.
  • August 9th 2022 at 14:27

[webapps] ThingsBoard 3.3.1 'name' - Stored Cross-Site Scripting (XSS)

ThingsBoard 3.3.1 'name' - Stored Cross-Site Scripting (XSS)
  • August 9th 2022 at 00:00

[webapps] Feehi CMS 2.1.1 - Stored Cross-Site Scripting (XSS)

Feehi CMS 2.1.1 - Stored Cross-Site Scripting (XSS)
  • August 9th 2022 at 00:00

[webapps] Prestashop blockwishlist module 2.1.0 - SQLi

Prestashop blockwishlist module 2.1.0 - SQLi
  • August 9th 2022 at 00:00

[webapps] ThingsBoard 3.3.1 'description' - Stored Cross-Site Scripting (XSS)

ThingsBoard 3.3.1 'description' - Stored Cross-Site Scripting (XSS)
  • August 9th 2022 at 00:00

[remote] PAN-OS 10.0 - Remote Code Execution (RCE) (Authenticated)

PAN-OS 10.0 - Remote Code Execution (RCE) (Authenticated)
  • August 9th 2022 at 00:00

Backdoor.Win32.Guptachar.20 / Insecure Credential Storage

Posted by malvuln on Aug 08

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/857999d2306f257b80d1b8f6a51ae8b0.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Guptachar.20
Vulnerability: Insecure Credential Storage
Description: The malware runs a web server on TCP port 2015 (default) and
uses BASIC authentication. The credentials "hacker01:imchampgr8" get stored
in a...
  • August 9th 2022 at 03:42

Ubuntu Security Notice USN-5554-1

Ubuntu Security Notice 5554-1 - Pedro Ribeiro discovered that the GDK-PixBuf library did not properly handle certain GIF images. If a user or automated system were tricked into opening a specially crafted GIF file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly execute arbitrary code.
  • August 8th 2022 at 16:50

Ubuntu Security Notice USN-5553-1

Ubuntu Security Notice 5553-1 - It was discovered that libjpeg-turbo was not properly handling EOF characters, which could lead to excessive memory consumption through the execution of a large loop. An attacker could possibly use this issue to cause a denial of service. It was discovered that libjpeg-turbo was not properly performing bounds check operations, which could lead to a heap-based buffer overread. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM.
  • August 8th 2022 at 16:50

Red Hat Security Advisory 2022-5913-01

Red Hat Security Advisory 2022-5913-01 - Red Hat Kiali for OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers containers for the release. Issues addressed include a denial of service vulnerability.
  • August 8th 2022 at 16:41

Red Hat Security Advisory 2022-5915-01

Red Hat Security Advisory 2022-5915-01 - Red Hat Kiali for OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers containers for the release. Issues addressed include a denial of service vulnerability.
  • August 8th 2022 at 16:38

Ubuntu Security Notice USN-5552-1

Ubuntu Security Notice 5552-1 - It was discovered that phpLiteAdmin incorrectly handled certain GET requests. An attacker could possibly use this issue to perform cross-site scripting attacks.
  • August 8th 2022 at 16:38

Red Hat Security Advisory 2022-5914-01

Red Hat Security Advisory 2022-5914-01 - Red Hat Kiali for OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers containers for the release. Issues addressed include a denial of service vulnerability.
  • August 8th 2022 at 16:34

Red Hat Security Advisory 2022-5905-01

Red Hat Security Advisory 2022-5905-01 - X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Issues addressed include an out of bounds access vulnerability.
  • August 5th 2022 at 14:52

Ubuntu Security Notice USN-5548-1

Ubuntu Security Notice 5548-1 - It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to execute arbitrary code.
  • August 5th 2022 at 14:52

Red Hat Security Advisory 2022-5909-01

Red Hat Security Advisory 2022-5909-01 - Openshift Logging Bug Fix Release. Issues addressed include denial of service and out of bounds read vulnerabilities.
  • August 5th 2022 at 14:52

Ubuntu Security Notice USN-5546-2

Ubuntu Security Notice 5546-2 - USN-5546-1 fixed vulnerabilities in OpenJDK. This update provides the corresponding updates for Ubuntu 16.04 ESM. Neil Madden discovered that OpenJDK did not properly verify ECDSA signatures. A remote attacker could possibly use this issue to insert, edit or obtain sensitive information. This issue only affected OpenJDK 17 and OpenJDK 18.
  • August 5th 2022 at 14:51

Ubuntu Security Notice USN-5549-1

Ubuntu Security Notice 5549-1 - It was discovered that Django incorrectly handled certain FileResponse objects. An attacker could possibly use this issue to expose sensitive information or gain access to a user's machine.
  • August 5th 2022 at 14:51

Ubuntu Security Notice USN-5546-1

Ubuntu Security Notice 5546-1 - Neil Madden discovered that OpenJDK did not properly verify ECDSA signatures. A remote attacker could possibly use this issue to insert, edit or obtain sensitive information. This issue only affected OpenJDK 17 and OpenJDK 18. It was discovered that OpenJDK incorrectly limited memory when compiling a specially crafted XPath expression. An attacker could possibly use this issue to cause a denial of service. This issue was fixed in OpenJDK 8 and OpenJDK 18. USN-5388-1 and USN-5388-2 addressed this issue in OpenJDK 11 and OpenJDK 17.
  • August 5th 2022 at 14:51

Ubuntu Security Notice USN-5550-1

Ubuntu Security Notice 5550-1 - It was discovered that GnuTLS incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause GnuTLS to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. It was discovered that GnuTLS incorrectly handled the verification of certain pkcs7 signatures. A remote attacker could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code.
  • August 5th 2022 at 14:51

Red Hat Security Advisory 2022-5908-01

Red Hat Security Advisory 2022-5908-01 - Openshift Logging Bug Fix Release. Issues addressed include denial of service and out of bounds read vulnerabilities.
  • August 5th 2022 at 14:51

Ubuntu Security Notice USN-5551-1

Ubuntu Security Notice 5551-1 - It was discovered that mod-wsgi did not correctly remove the X-Client-IP header when processing requests from untrusted proxies. A remote attacker could use this issue to pass the header to WSGI applications, contrary to expectations.
  • August 5th 2022 at 14:51

Backdoor.Win32.Jokerdoor / Remote Stack Buffer Overflow

Posted by malvuln on Aug 04

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/783a191e7944e1af84ec0fa96d933f30.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Jokerdoor
Vulnerability: Remote Stack Buffer Overflow
Description: The malware listens on TCP port 27374. Attackers who can reach
an infected system can send a large payload and trigger a classic stack
buffer overflow...
  • August 5th 2022 at 04:15

Backdoor.Win32.Bushtrommel.122 / Authentication Bypass

Posted by malvuln on Aug 04

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/76c09bc82984c7f7ef55eb13018e0d87.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Bushtrommel.122
Vulnerability: Authentication Bypass
Description: The malware listens on TCP port 31745 and runs an ftp server on
port 1030. Attackers who can reach infected systems can logon using any
username/password...
  • August 5th 2022 at 04:15

Backdoor.Win32.Bushtrommel.122 / Unauthenticated Remote Command Execution

Posted by malvuln on Aug 04

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/76c09bc82984c7f7ef55eb13018e0d87_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Bushtrommel.122
Vulnerability: Unauthenticated Remote Command Execution
Description: The malware listens on TCP port 31745 and 1030. Adversaries
who can reach infected hosts can run commands made available by the...
  • August 5th 2022 at 04:15

Gentoo Linux Security Advisory 202208-03

Gentoo Linux Security Advisory 202208-3 - A vulnerability in Babel could result in remote code execution. Versions less than 2.9.1 are affected.
  • August 4th 2022 at 14:52

Gentoo Linux Security Advisory 202208-04

Gentoo Linux Security Advisory 202208-4 - Multiple vulnerabilities in libmcpp could result in a denial of service condition. Versions less than 2.7.2_p5 are affected.
  • August 4th 2022 at 14:52

Gentoo Linux Security Advisory 202208-01

Gentoo Linux Security Advisory 202208-1 - A vulnerability in lib3mf could lead to remote code execution. Versions less than 2.1.1 are affected.
  • August 4th 2022 at 14:52

Gentoo Linux Security Advisory 202208-05

Gentoo Linux Security Advisory 202208-5 - Multiple vulnerabilities have been found in Icinga Web 2, the worst of which could result in remote code execution. Versions less than 2.9.6 are affected.
  • August 4th 2022 at 14:52

Gentoo Linux Security Advisory 202208-02

Gentoo Linux Security Advisory 202208-2 - Multiple vulnerabilities have been found in Go, the worst of which could result in remote code execution. Versions less than 1.18.5 are affected.
  • August 4th 2022 at 14:51

Red Hat Security Advisory 2022-5904-01

Red Hat Security Advisory 2022-5904-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include a buffer overflow vulnerability.
  • August 4th 2022 at 14:51

Red Hat Security Advisory 2022-5893-01

Red Hat Security Advisory 2022-5893-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.6 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include a deserialization vulnerability.
  • August 4th 2022 at 14:50

Red Hat Security Advisory 2022-5892-01

Red Hat Security Advisory 2022-5892-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.6 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include a deserialization vulnerability.
  • August 4th 2022 at 14:50

Red Hat Security Advisory 2022-5903-01

Red Hat Security Advisory 2022-5903-01 - Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services. This asynchronous security patch is an update to Red Hat Process Automation Manager 7. Issues addressed include HTTP request smuggling, denial of service, and deserialization vulnerabilities.
  • August 4th 2022 at 14:50

Ubuntu Security Notice USN-5547-1

Ubuntu Security Notice 5547-1 - Le Wu discovered that the NVIDIA graphics drivers did not properly perform input validation in some situations. A local user could use this to cause a denial of service or possibly execute arbitrary code. Tal Lossos discovered that the NVIDIA graphics drivers incorrectly handled certain memory operations, leading to a null-pointer dereference. A local attacker could use this to cause a denial of service. Artem S. Tashkinov discovered that the NVIDIA graphics drivers Dynamic Boost D-Bus component did not properly restrict access to its endpoint. When enabled in non-default configurations, a local attacker could use this to cause a denial of service or possibly execute arbitrary code.
  • August 4th 2022 at 14:50

Red Hat Security Advisory 2022-5766-01

Red Hat Security Advisory 2022-5766-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.12.0 ESR. Issues addressed include a spoofing vulnerability.
  • August 4th 2022 at 14:50

Red Hat Security Advisory 2022-5778-01

Red Hat Security Advisory 2022-5778-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.12.0. Issues addressed include a spoofing vulnerability.
  • August 4th 2022 at 14:50

Red Hat Security Advisory 2022-5894-01

Red Hat Security Advisory 2022-5894-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.6 is a first release for Red Hat JBoss Enterprise Application Platform 7.4 on Red Hat Enterprise Linux 9, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.6 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include a deserialization vulnerability.
  • August 4th 2022 at 14:50

Red Hat Security Advisory 2022-5729-01

Red Hat Security Advisory 2022-5729-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.25.
  • August 4th 2022 at 14:49

Red Hat Security Advisory 2022-5806-01

Red Hat Security Advisory 2022-5806-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.
  • August 4th 2022 at 14:49

Red Hat Security Advisory 2022-5765-01

Red Hat Security Advisory 2022-5765-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.12.0 ESR. Issues addressed include a spoofing vulnerability.
  • August 4th 2022 at 14:49

Red Hat Security Advisory 2022-5730-01

Red Hat Security Advisory 2022-5730-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.25.
  • August 4th 2022 at 14:49

Red Hat Security Advisory 2022-5805-01

Red Hat Security Advisory 2022-5805-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.
  • August 4th 2022 at 14:49

Red Hat Security Advisory 2022-5840-01

Red Hat Security Advisory 2022-5840-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.
  • August 4th 2022 at 14:49

Red Hat Security Advisory 2022-5821-01

Red Hat Security Advisory 2022-5821-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include buffer overflow, integer overflow, and memory leak vulnerabilities.
  • August 4th 2022 at 14:49
โŒ